Does APCu Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in APCu Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is APCu Manager compatible with WordPress 6.9.4?

According to WordPress.org data, APCu Manager 4.3.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is APCu Manager compatible with PHP 8.1+?

APCu Manager requires PHP 8.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is APCu Manager updated?

APCu Manager was last updated on Nov 22, 2025. Frequent updates are generally a positive security signal.

What is APCu Manager's security score?

APCu Manager has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

APCu Manager Security & Risk Analysis

wordpress.org/plugins/apcu-manager

APCu statistics and management right in the WordPress admin dashboard.

10K active installs v4.3.0 PHP 8.1+ WP 6.2+ Updated Nov 22, 2025

apcucachemonitorobject-cachew3tc

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is APCu Manager Safe to Use in 2026?

Generally Safe

Score 100/100

APCu Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "apcu-manager" plugin version 4.3.0 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs) and demonstrates a strong practice of using prepared statements for SQL queries, with a significant majority (84%) employing this secure method. The absence of dangerous functions, taint flows, and bundled libraries is also a good sign. However, there are notable concerns regarding its attack surface. The plugin exposes three AJAX handlers, two of which lack authentication checks, presenting a direct risk of unauthorized access and manipulation of plugin functionalities. Furthermore, while the plugin performs file operations and external HTTP requests, the static analysis doesn't provide enough detail on how these are handled, and the output escaping rate (64%) suggests a potential for cross-site scripting (XSS) vulnerabilities if not carefully implemented in the unescaped outputs. The vulnerability history being completely clear is encouraging, but the identified unprotected entry points mean that a zero-day exploit could still be a significant risk if these are not addressed.

Key Concerns

AJAX handlers without authentication checks
Output escaping not consistently applied

Vulnerabilities

None known

APCu Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

APCu Manager Code Analysis

Dangerous Functions

Raw SQL Queries

21 prepared

Unescaped Output

68 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

84% prepared25 total queries

Output Escaping

64% escaped106 total outputs

Attack Surface

2 unprotected

APCu Manager Attack Surface

Entry Points7

Unprotected2

AJAX Handlers 3

authwp_ajax_hide_apcm_nagincludes\plugin\class-core.php:122

authwp_ajax_apcm_get_statsincludes\plugin\class-core.php:123

authwp_ajax_poo_switch_autoupdateperfopsone\functions.php:32

Shortcodes 4

[apcm-wpcli] includes\features\class-wpcli.php:438

[apcm-changelog] includes\plugin\class-core.php:82

[apcm-libraries] includes\plugin\class-core.php:83

[apcm-statistics] includes\plugin\class-core.php:84

WordPress Hooks 32

filterinit_perfopsone_admin_menusadmin\class-apcu-manager-admin.php:193

filterinit_perfopsone_admin_baradmin\class-apcu-manager-admin.php:194

actionshutdownincludes\api\object-class.php:234

actionshutdownincludes\api\object-class.php:253

actioncron_schedulesincludes\plugin\class-core.php:72

actioncron_schedulesincludes\plugin\class-core.php:73

filterperfopsone_plugin_infoincludes\plugin\class-core.php:78

actioninitincludes\plugin\class-core.php:79

actioninitincludes\plugin\class-core.php:80

actionwp_headincludes\plugin\class-core.php:81

actionadmin_enqueue_scriptsincludes\plugin\class-core.php:113

actionadmin_enqueue_scriptsincludes\plugin\class-core.php:114

actionadmin_menuincludes\plugin\class-core.php:115

actionadmin_menuincludes\plugin\class-core.php:116

actionadmin_menuincludes\plugin\class-core.php:117

actionadmin_initincludes\plugin\class-core.php:118

filterplugin_row_metaincludes\plugin\class-core.php:120

actionadmin_noticesincludes\plugin\class-core.php:121

actionwp_enqueue_scriptsincludes\plugin\class-core.php:135

actionwp_enqueue_scriptsincludes\plugin\class-core.php:136

filterplugins_apiincludes\plugin\class-updater.php:68

filtersite_transient_update_pluginsincludes\plugin\class-updater.php:69

actionupgrader_process_completeincludes\plugin\class-updater.php:70

filterclean_urlincludes\plugin\class-updater.php:71

filterperfopsone_apcu_infoincludes\system\class-apcu.php:51

filtersite_status_testsincludes\system\class-sitehealth.php:77

filtersite_status_testsincludes\system\class-sitehealth.php:78

filtersite_status_testsincludes\system\class-sitehealth.php:79

filtersite_status_testsincludes\system\class-sitehealth.php:81

filterdebug_informationincludes\system\class-sitehealth.php:91

filterdebug_informationincludes\system\class-sitehealth.php:109

actionadmin_bar_menuperfopsone\class-adminbar.php:54

Maintenance & Trust

APCu Manager Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedNov 22, 2025

PHP min version8.1

Downloads131K

Community Trust

Rating92/100

Number of ratings20

Active installs10K

Alternatives

APCu Manager Alternatives

SQLite Object Cache

sqlite-object-cache

100

A fast persistent object cache backend for the rest of us, powered by SQLite and accelerated by APCu

9K No CVEs

atec Cache APCu

atec-cache-apcu

100

Super fast APCu-based Object Cache and the only APCu-powered Page Cache plugin for WordPress.

1K No CVEs

atec Cache Info

atec-cache-info

100

Show system cache status and statistics for OPcache, JIT, Object Cache, APCu, Redis, Memcached, and SQLite Cache.

1K No CVEs

Object Cache for APCu – ZapCu

apcu-object-cache

100

Lightweight object caching plugin using PHP's APCu extension for fast in-memory caching and performance boost.

100 No CVEs

{eac}ObjectCache – a persistent object cache using SQLite & APCu to cache WordPress objects.

eacobjectcache

100

{eac}ObjectCache is a persistent object cache using APCu & SQLite to cache WordPress objects; A drop-in replacement to the WP Object Cache used by …

10 No CVEs

Developer Profile

APCu Manager Developer Profile

Pierre Lannoy

12 plugins · 15K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

65 days

View full developer profile

Detection Fingerprints

How We Detect APCu Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/apcu-manager/assets/css/apcu-manager.css/wp-content/plugins/apcu-manager/assets/js/apcu-manager.js

Script Paths

/wp-content/plugins/apcu-manager/assets/js/apcu-manager.js

Version Parameters

apcu-manager/assets/css/apcu-manager.css?ver=apcu-manager/assets/js/apcu-manager.js?ver=

HTML / DOM Fingerprints

CSS Classes

apcm-about-logo

HTML Comments

Provide a admin-facing view for the pluginMain plugin file.This file is used to markup the admin-facing aspects of the plugin.

Data Attributes

apcm-librariesapcm-changelog

JS Globals

APCM_ASSETS_ID

Shortcode Output

[apcm-libraries][apcm-changelog]

FAQ